Infrastructure/ansible
5
0
Fork 0
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions
37473 commits 9 branches 0 tags 110 MiB
Commit graph

22314 commits

Author SHA1 Message Date
Kevin Fenzi
8d3c180496 openshift / project: do not recurse on permissions 
There's some files that get created later (like keytabs) that we don't
want to keep changing back and forth and causing things to not be
idempotent.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-21 14:16:56 -07:00
Kevin Fenzi
68141d381b resultsdb: drop old vm's and adjust other apps to new openshift url 
Drop resultsdb vars and playbooks.
resultsdb is now in openshift and on a different url.
Adjust bodhi, pagure dist git for the new url.
Drop taskotron roles.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-21 14:01:28 -07:00
Kevin Fenzi
10c61924e7 bodhi / backend: fix yaml syntax 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-21 13:20:12 -07:00
Kevin Fenzi
c62bbb0df4 bodhi / backend: run owner-sync-pagure as apache user 
This has been broken since basically forever.
The bodhi keytab is owner by apache and expects to be run under that
user. Two reasons we never noticed/fixed this:

Until recently it was failing with a error trying to talk to pagure.io's
api. So I just thought it was too slow and needed to be optomized.
When I tweaked pagure's httpd config for the DDoS we had the other day I
fixed this on the server end, then it got to the auth error.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-21 13:02:50 -07:00
Aurélien Bompard
34eea99c7f
There's no defaults for read_priv 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-06-21 11:26:22 +02:00
Aurélien Bompard
bea4211790
Add missing tags 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-06-21 11:19:52 +02:00
Aurélien Bompard
58d703ae27
Limit topics that can be sent to 
Only a few apps have topic permissions, if this works well we'll have to
generalize it.

Fixes: #8167

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-06-21 11:16:09 +02:00
Tomas Hrcka
1b957c58bf Add pipewire, iptables and wine* to bodhi multilib_whitelist 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2022-06-21 10:06:33 +02:00
Pavel Raiskup
af9a95c445 copr-be: clean stdout for the resalloc's cmd_list commands 2022-06-21 09:49:31 +02:00
Pavel Raiskup
9363a1713c copr-be: automatically terminate orphaned resalloc resources 
https://github.com/praiskup/resalloc/pull/95
 2022-06-21 08:22:45 +02:00
Michal Konečný
8997bc03d2 [release-monitoring] Fix the version of social auth 
The version of social auth changed and we need to change one file manually for
staging redirect.

Signed-off-by: Michal Konečný <mkonecny@redhat.com>
 2022-06-20 19:09:00 +02:00
Michal Konečný
61731c60f3 [release-monitoring] Fix staging build 
I forgot about popd, let's fix this now.

Signed-off-by: Michal Konečný <mkonecny@redhat.com>
 2022-06-20 18:36:09 +02:00
Michal Konečný
9188925cd2 [release-monitoring]Fix build issue on staging 
Messages schema is no longer part of main repository, so we can't install it
like before.

Signed-off-by: Michal Konečný <mkonecny@redhat.com>
 2022-06-20 18:03:49 +02:00
Adrian Reber
d87fdc1263
mirrormanager: scan primary mirror using another DNS entry 
Signed-off-by: Adrian Reber <adrian@lisas.de>
 2022-06-20 17:16:06 +02:00
Tomas Hrcka
864030d4da Use multilib_whitelist from pungi upstream 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2022-06-20 12:17:11 +02:00
Luca BRUNO
5e4b7e30aa
coreos-cincinnati: deploy current git (dddedcf) 2022-06-20 08:16:59 +00:00
Luca BRUNO
9ea70274f3
coreos-cincinnati: build current git (dddedcf) 2022-06-20 07:59:40 +00:00
Kevin Fenzi
8c7ac6fa45 kojipkgs: add restart on fail conf 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-19 10:13:41 -07:00
Kevin Fenzi
f9a0479732 kojipkgs: restart varnish on failure 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-19 10:11:49 -07:00
Kevin Fenzi
ad2fe29c04 fas: drop yubiukey and totpcgi, nuke fas-stg test playbook. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-17 12:25:13 -07:00
Stephen Gallagher
d570e342d9
ODCS: Install xorriso 
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 2022-06-17 12:17:38 -04:00
Kevin Fenzi
aba448e192 monitor-gating: try packagerbot 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 20:22:42 -07:00
Ryan Lerch
201707b04d Wiki: fix issue with version number in fedmsg plugin 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2022-06-17 13:19:46 +10:00
Kevin Fenzi
5b2168829c monitor-gating: try and fix stg keytab 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 20:09:38 -07:00
Ryan Lerch
ba3d86568f Fix the fedmsg emitter for the wiki 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2022-06-17 12:59:32 +10:00
Kevin Fenzi
2a44fd60e5 monitor-gating: move stage to ocp4 and see if we can clear up the kerberos auth issue 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 18:16:52 -07:00
Kevin Fenzi
9cbc8d420e mdapi: move to ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 17:36:31 -07:00
Kevin Fenzi
51f3a3549f toddlers: move prod to ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 17:28:09 -07:00
Sundeep Anand
05022b0fec Update roles/openshift-apps/transtats/files/buildconfig.yml 
Sticking to f34 which is known to be working with ocp3.
 2022-06-16 23:59:48 +00:00
Tomas Hrcka
68635ca67a compose-tracker update images to f36 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2022-06-16 23:51:15 +00:00
Kevin Fenzi
d82fc074dc wiki: drop 2 hotfixes we no longer need 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 15:12:03 -07:00
Kevin Fenzi
985d30bcc6 wiki: drop HTTP302Found for now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-16 14:31:57 -07:00
Ryan Lerch
db00f9020a [wiki] disable HTTP302Found plugin 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2022-06-17 06:56:14 +10:00
Ryan Lerch
e505abaa2f [wiki] apply new pluggable auth settings for prod 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2022-06-17 06:41:36 +10:00
Luca BRUNO
568a1fcde2
Revert "coreos-cincinnati: deploy current git (9155f94)" 
This reverts commit db9f6aac40.
 2022-06-16 14:03:03 +00:00
Luca BRUNO
db9f6aac40
coreos-cincinnati: deploy current git (9155f94) 2022-06-16 13:57:10 +00:00
Luca BRUNO
3f242165cf
coreos-cincinnati: build current git (9155f94) 2022-06-16 13:39:29 +00:00
Leonardo Rossetti
bb19ea17a3 updating resultsdb-ci-listener tag 2022-06-16 08:18:55 -03:00
Luca BRUNO
4fbb7d4756
coreos-cincinnati: deploy current git (c5f69da) 2022-06-16 08:47:17 +00:00
Luca BRUNO
a92c42eebb
coreos-cincinnati: build current git (c5f69da) 2022-06-16 08:03:02 +00:00
Francois Andrieu
c5a84d0438 websites: move to ocp4 2022-06-15 23:06:27 +00:00
Kevin Fenzi
0757ae95df greenwave: change nagios check for ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 16:01:01 -07:00
Kevin Fenzi
0fdaa314c0 greenwave: use prod-fedora in stg for now also 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 15:52:20 -07:00
Kevin Fenzi
fcc9d984da waiverdb / nagios: fix url to ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 15:37:38 -07:00
Kevin Fenzi
5b2d573432 greenwave: move to ocp4 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 15:32:30 -07:00
Kevin Fenzi
d18b6ba945 waiverdb: move prod now as well 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 15:13:31 -07:00
Kevin Fenzi
8f58783578 waiverdb: move to ocp4 in staging 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 15:04:22 -07:00
Kevin Fenzi
7105387724 pagure: increase some httpd worker limits 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 14:23:06 -07:00
Kevin Fenzi
45c28c27c5 pagure: add hack to 403 DDoS attack 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 14:18:39 -07:00
Kevin Fenzi
9399fbb4f0 flatpak-indexer: move to ocp4 in prod also 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-15 11:19:08 -07:00